Instant Messaging Topologies

You can deploy Instant Messaging Service in a variety of configurations to meet any company's needs. Your company's ideal Instant Messaging topology can be like one of the examples shown here, or it can include a combination of the features shown in two or more of these examples. The configuration you use is determined by your organization's:

• Number of users
• Security needs
• Number of external e-mail domains
• Geographical distribution of users
• Windows 2000 Server topology

The following examples show typical configurations and provide a starting point for you to plan your topology.

Note   For planning purposes, the approximate capacity for an Instant Messaging home server is 10,000 online users. The approximate capacity for an Instant Messaging router is 20,000 online users.

Educational Institution

The following might be used by a small to medium-sized educational institution with:

• A moderate number of users
• Proportionally heavy usage with a large number of users online
• One location
• No firewalls
• More than one Instant Messaging home server
• One or more Instant Messaging routers

Internet Service Provider

This deployment might be used by an ISP, and is characterized by:

• A large number of users (up to several million)
• Low ratio of users online at any one time
• No firewalls
• Multiple Instant Messaging home servers
• Multiple Instant Messaging routers

Large Enterprise Instant Messaging Topology

This topology provides Instant Messaging for an organization with:

• A large number of users
• Very high ratio of online users
• Multiple Instant Messaging home servers
• Multiple Instant Messaging routers
• Firewalls for inbound messages
• HTTP proxies for outbound messages

Instant Messaging Topology with a Perimeter Network

An organization using this topology places Instant Messaging routers that have Internet connectivity for incoming messages in a perimeter network, which is sometimes called a demilitarized zone. The perimeter network is designed to provide security.

Important   No matter how tight the security is on an external perimeter network, there is still a risk of exposure from an external or internal source. You need a plan that will help you react to a violation of security policy if one occurs.

Instant Messaging Topology with HTTP Reverse Proxies

This topology can be used by any size organization. An HTTP reverse proxy server is placed between the Internet and the Instant Messaging routers, usually instead of a firewall. Outgoing messages are routed through a proxy server. The reverse proxy server accepts all inbound Instant Messaging traffic and relays it to the Instant Messaging routers. A reverse proxy server is similar to a regular HTTP proxy server normally used for outbound traffic; in this configuration it accepts connection requests from the outside and relays them inside.

Instant Messaging Topology with Multiple E-mail Domains

This topology illustrates how you configure an organization with multiple e-mail domains. In this example:

• An Instant Messaging domain corresponds to each e-mail domain; for example, @us.microsoft.com corresponds to im.us.microsoft.com
• Different Instant Messaging routers answer to different domains
• A single Instant Messaging home server can service multiple domains
• A separate HTTP reverse proxy server, if used, must answer to each Instant Messaging domain

Instant Messaging Topology with Multiple Windows 2000 Forests

For organizations with more than one Windows 2000 Server forest, each forest is a separate Instant Messaging domain, and should be treated as an independent Instant Messaging installation.

Instant Messaging Topology for a Geographically Dispersed Enterprise

This topology might be used by an organization dispersed across more than one continent. For this example:

• Instant Messaging home servers host all users in their respective geographical units
• Automatic client caching reduces the long-distance bandwidth consumed

Related Topics